$ rpki-client -vvf rpki.apnic.net/member_repository/A91CD1A2/EFE0404A9B3C11EEB3FCAD49C4F9AE02/883D22EE9B3E11EE92E35D68C4F9AE02.roa File: 883D22EE9B3E11EE92E35D68C4F9AE02.roa (raw, json) Hash identifier: k5vDxZxY0nlbHanZLi0NcjwM/K12xntBq1yqMO9Bazs= Subject key identifier: 95:D5:3A:BC:A0:D1:6E:89:E8:C3:68:22:78:8D:EF:AE:EC:0F:2F:20 Certificate issuer: /CN=A91CD1A2/serialNumber=8F06869CEFCD5C2723132E3EF9CDB7A461D01B19 Certificate serial: 02 Authority key identifier: 8F:06:86:9C:EF:CD:5C:27:23:13:2E:3E:F9:CD:B7:A4:61:D0:1B:19 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jwaGnO_NXCcjEy4--c23pGHQGxk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CD1A2/EFE0404A9B3C11EEB3FCAD49C4F9AE02/883D22EE9B3E11EE92E35D68C4F9AE02.roa Signing time: Fri 15 Dec 2023 11:38:57 +0000 ROA not before: Fri 15 Dec 2023 11:38:57 +0000 ROA not after: Sun 01 Dec 2024 00:00:00 +0000 asID: 136582 IP address blocks: 103.203.241.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CD1A2/EFE0404A9B3C11EEB3FCAD49C4F9AE02/jwaGnO_NXCcjEy4--c23pGHQGxk.crl rsync://rpki.apnic.net/member_repository/A91CD1A2/EFE0404A9B3C11EEB3FCAD49C4F9AE02/jwaGnO_NXCcjEy4--c23pGHQGxk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jwaGnO_NXCcjEy4--c23pGHQGxk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 08 Jun 2024 08:57:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2 (0x2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD1A2/serialNumber=8F06869CEFCD5C2723132E3EF9CDB7A461D01B19 Validity Not Before: Dec 15 11:38:57 2023 GMT Not After : Dec 1 00:00:00 2024 GMT Subject: CN=657c3ad1-01fa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:28:25:9e:63:6f:4f:12:30:25:da:3e:24:70: ab:23:64:f8:86:89:17:f6:d5:92:96:e9:89:dd:a6: 95:4b:56:6a:68:05:8b:36:6c:13:7c:b0:12:9e:af: ac:89:5f:96:57:c7:00:90:03:c5:90:d8:fe:5b:64: 66:3f:76:60:51:dc:1e:24:c6:b3:be:32:fb:24:74: 79:4f:db:b1:31:88:8b:f0:66:a7:c4:83:a8:09:c3: b7:b1:c1:a9:cd:f8:68:1b:15:40:d4:67:70:dd:c3: 32:d3:f3:ae:09:48:54:76:26:b7:96:ad:cf:b2:5b: 1b:6a:e5:bc:21:8b:8e:c8:95:2d:29:89:79:16:35: 70:af:d9:59:47:59:52:de:e6:f6:15:88:d2:61:22: 2f:dd:28:12:5d:27:0d:a9:a2:2b:6b:77:a0:7d:db: 64:fe:36:c6:57:ff:1c:c8:b9:ef:d9:5d:c5:7b:60: 30:9f:7e:d7:cf:f4:29:08:29:da:b5:a9:48:85:ca: 6c:2c:6d:27:76:14:04:48:18:e4:ee:48:50:4f:15: c9:81:26:e8:52:f5:35:db:77:bb:00:d7:31:92:76: f5:47:c0:56:0a:c5:d5:af:bf:ce:5a:40:f1:e2:a9: 0a:12:59:d6:61:dd:ca:02:64:60:19:c8:e8:f7:6b: e1:07 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 95:D5:3A:BC:A0:D1:6E:89:E8:C3:68:22:78:8D:EF:AE:EC:0F:2F:20 X509v3 Authority Key Identifier: keyid:8F:06:86:9C:EF:CD:5C:27:23:13:2E:3E:F9:CD:B7:A4:61:D0:1B:19 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CD1A2/EFE0404A9B3C11EEB3FCAD49C4F9AE02/jwaGnO_NXCcjEy4--c23pGHQGxk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jwaGnO_NXCcjEy4--c23pGHQGxk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CD1A2/EFE0404A9B3C11EEB3FCAD49C4F9AE02/883D22EE9B3E11EE92E35D68C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.203.241.0/24 Signature Algorithm: sha256WithRSAEncryption 28:83:f4:d1:c8:5a:36:1b:ab:97:01:9e:b9:61:ed:96:50:c5: eb:36:3d:96:f9:87:f1:53:34:6f:84:67:5c:2f:01:02:3f:c7: 1e:b8:42:67:6c:cf:6d:15:52:66:c7:b6:3b:3f:06:da:26:67: 14:a9:f9:b0:c3:83:75:3e:3f:2b:ca:07:14:dd:52:a7:b9:07: 69:23:d2:2a:4d:e5:b8:9f:fb:91:47:0d:36:bb:b3:db:ac:46: d3:30:e3:ca:d9:a5:b7:a5:54:4a:78:3f:73:61:28:18:61:a2: 43:22:5d:4b:7c:d9:d7:cc:a4:2a:f2:a5:b8:64:8a:fd:08:78: 09:1f:06:06:b3:76:73:ee:b3:dd:81:0a:aa:3e:5a:12:ef:ee: 0c:a4:ac:73:d5:0e:6f:99:5d:69:9e:1d:f2:d2:58:3d:09:01: 92:25:04:81:a0:af:a1:5e:1d:87:19:ab:79:ab:ee:ab:6c:f0: 67:42:a9:96:20:92:f5:d5:9b:25:4a:a9:ab:17:1b:3d:42:ff: 57:e6:fe:97:b5:4c:f3:44:d9:ce:8e:55:f2:27:63:ba:f4:91: d2:43:c5:ec:b4:c7:ca:26:b8:8c:d9:6b:79:f0:76:42:d6:26: 00:e6:5c:a5:a7:dd:4c:61:72:a6:6d:d4:e8:42:f8:31:72:dc: 78:97:0b:30 -----BEGIN CERTIFICATE----- MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD RDFBMjExMC8GA1UEBRMoOEYwNjg2OUNFRkNENUMyNzIzMTMyRTNFRjlDREI3QTQ2 MUQwMUIxOTAeFw0yMzEyMTUxMTM4NTdaFw0yNDEyMDEwMDAwMDBaMBgxFjAUBgNV BAMTDTY1N2MzYWQxLTAxZmEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDZKCWeY29PEjAl2j4kcKsjZPiGiRf21ZKW6YndppVLVmpoBYs2bBN8sBKer6yJ X5ZXxwCQA8WQ2P5bZGY/dmBR3B4kxrO+MvskdHlP27ExiIvwZqfEg6gJw7exwanN +GgbFUDUZ3DdwzLT864JSFR2JreWrc+yWxtq5bwhi47IlS0piXkWNXCv2VlHWVLe 5vYViNJhIi/dKBJdJw2poitrd6B922T+NsZX/xzIue/ZXcV7YDCfftfP9CkIKdq1 qUiFymwsbSd2FARIGOTuSFBPFcmBJuhS9TXbd7sA1zGSdvVHwFYKxdWvv85aQPHi qQoSWdZh3coCZGAZyOj3a+EHAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUldU6vKDR bonow2gieI3vruwPLyAwHwYDVR0jBBgwFoAUjwaGnO/NXCcjEy4++c23pGHQGxkw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUNEMUEyL0VGRTA0MDRBOUIz QzExRUVCM0ZDQUQ0OUM0RjlBRTAyL2p3YUduT19OWENjakV5NC0tYzIzcEdIUUd4 ay5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvandhR25PX05YQ2NqRXk0LS1jMjNwR0hRR3hrLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD RDFBMi9FRkUwNDA0QTlCM0MxMUVFQjNGQ0FENDlDNEY5QUUwMi84ODNEMjJFRTlC M0UxMUVFOTJFMzVENjhDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ MA4wDAQCAAEwBgMEAGfL8TANBgkqhkiG9w0BAQsFAAOCAQEAKIP00chaNhurlwGe uWHtllDF6zY9lvmH8VM0b4RnXC8BAj/HHrhCZ2zPbRVSZse2Oz8G2iZnFKn5sMOD dT4/K8oHFN1Sp7kHaSPSKk3luJ/7kUcNNruz26xG0zDjytmlt6VUSng/c2EoGGGi QyJdS3zZ18ykKvKluGSK/Qh4CR8GBrN2c+6z3YEKqj5aEu/uDKSsc9UOb5ldaZ4d 8tJYPQkBkiUEgaCvoV4dhxmreavuq2zwZ0KpliCS9dWbJUqpqxcbPUL/V+b+l7VM 80TZzo5V8idjuvSR0kPF7LTHyia4jNlrefB2QtYmAOZcpafdTGFypm3U6EL4MXLc eJcLMA== -----END CERTIFICATE-----Generated at Sat Jun 1 11:14:32 2024 by rpki-client on console-fra.rpki-client.org